
Firefox redirecting


9 replies to this topic

#1 Mr Darkwater


Posted 12 February 2012 - 09:40 AM

Hi all,

This just started happening today. Anytime I go to any site... I get redirected to another random site. I have tried uninstalling and reinstalling and still it has the same effect. I have used Avast and Malwarebytes and still the problem has not been fixed.


Any help would be GREATLY appreciated!



Darkwater



#2 narenxp


Posted 12 February 2012 - 01:31 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 Mr Darkwater


Posted 12 February 2012 - 07:37 PM

Hey Narenxp,

Thanks for getting back to me so fast.

Here's the logs you asked for.


TDSSKILLER:





11:15:40.0796 2184 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
11:15:41.0515 2184 ============================================================
11:15:41.0515 2184 Current date / time: 2012/02/12 11:15:41.0515
11:15:41.0515 2184 SystemInfo:
11:15:41.0515 2184
11:15:41.0515 2184 OS Version: 5.1.2600 ServicePack: 3.0
11:15:41.0515 2184 Product type: Workstation
11:15:41.0515 2184 ComputerName: PAST-594BFF0499
11:15:41.0515 2184 UserName: Administrator
11:15:41.0515 2184 Windows directory: C:\WINDOWS
11:15:41.0515 2184 System windows directory: C:\WINDOWS
11:15:41.0515 2184 Processor architecture: Intel x86
11:15:41.0515 2184 Number of processors: 2
11:15:41.0515 2184 Page size: 0x1000
11:15:41.0515 2184 Boot type: Normal boot
11:15:41.0515 2184 ============================================================
11:15:41.0828 2184 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:15:41.0828 2184 Drive \Device\Harddisk1\DR2 - Size: 0x1DEFFFE00 (7.48 Gb), SectorSize: 0x200, Cylinders: 0x3D1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:15:41.0828 2184 Drive \Device\Harddisk2\DR3 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:15:41.0828 2184 Drive \Device\Harddisk3\DR4 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:15:41.0859 2184 \Device\Harddisk0\DR0:
11:15:41.0859 2184 MBR used
11:15:41.0859 2184 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
11:15:41.0859 2184 \Device\Harddisk1\DR2:
11:15:41.0859 2184 MBR used
11:15:41.0859 2184 \Device\Harddisk2\DR3:
11:15:41.0859 2184 MBR used
11:15:41.0859 2184 \Device\Harddisk2\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E074C1
11:15:41.0859 2184 \Device\Harddisk3\DR4:
11:15:41.0859 2184 MBR used
11:15:41.0859 2184 \Device\Harddisk3\DR4\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
11:15:42.0062 2184 Initialize success
11:15:42.0062 2184 ============================================================
11:15:43.0484 3988 ============================================================
11:15:43.0484 3988 Scan started
11:15:43.0484 3988 Mode: Manual;
11:15:43.0484 3988 ============================================================
11:15:47.0000 3988 Scan interrupted by user!
11:15:47.0000 3988 Scan interrupted by user!
11:15:47.0000 3988 Scan interrupted by user!
11:15:47.0000 3988 ============================================================
11:15:47.0000 3988 Scan finished
11:15:47.0000 3988 ============================================================
11:15:47.0015 3856 Detected object count: 0
11:15:47.0015 3856 Actual detected object count: 0
11:15:52.0093 2904 ============================================================
11:15:52.0093 2904 Scan started
11:15:52.0093 2904 Mode: Manual; TDLFS;
11:15:52.0093 2904 ============================================================
11:15:59.0031 2904 PCIIde - ok
11:15:59.0078 2904 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:15:59.0078 2904 Pcmcia - ok
11:15:59.0109 2904 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
11:15:59.0125 2904 pcouffin - ok
11:15:59.0125 2904 PDCOMP - ok
11:15:59.0125 2904 PDFRAME - ok
11:15:59.0156 2904 PDRELI - ok
11:15:59.0171 2904 PDRFRAME - ok
11:15:59.0171 2904 perc2 - ok
11:15:59.0187 2904 perc2hib - ok
11:15:59.0265 2904 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:15:59.0265 2904 PptpMiniport - ok
11:15:59.0281 2904 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:15:59.0281 2904 PSched - ok
11:15:59.0328 2904 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:15:59.0328 2904 Ptilink - ok
11:15:59.0359 2904 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:15:59.0359 2904 PxHelp20 - ok
11:15:59.0375 2904 ql1080 - ok
11:15:59.0390 2904 Ql10wnt - ok
11:15:59.0390 2904 ql12160 - ok
11:15:59.0406 2904 ql1240 - ok
11:15:59.0406 2904 ql1280 - ok
11:15:59.0421 2904 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:15:59.0437 2904 RasAcd - ok
11:15:59.0484 2904 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:15:59.0515 2904 Rasl2tp - ok
11:15:59.0562 2904 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:15:59.0562 2904 RasPppoe - ok
11:15:59.0593 2904 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:15:59.0593 2904 Raspti - ok
11:15:59.0656 2904 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:15:59.0656 2904 Rdbss - ok
11:15:59.0703 2904 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:15:59.0703 2904 RDPCDD - ok
11:15:59.0765 2904 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:15:59.0765 2904 rdpdr - ok
11:15:59.0875 2904 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:15:59.0875 2904 RDPWD - ok
11:15:59.0921 2904 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:15:59.0921 2904 redbook - ok
11:16:00.0000 2904 SASDIFSV (bfbc4be8d6ac6d33ad93f3f5f2e11499) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:16:00.0000 2904 SASDIFSV - ok
11:16:00.0031 2904 SASENUM (e9c2d75c748c3f0a4c34d6cf2ae1d754) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
11:16:00.0031 2904 SASENUM - ok
11:16:00.0046 2904 SASKUTIL (c7d81c10d3befeee41f3408714637438) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
11:16:00.0046 2904 SASKUTIL - ok
11:16:00.0125 2904 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:16:00.0125 2904 Secdrv - ok
11:16:00.0171 2904 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:16:00.0171 2904 serenum - ok
11:16:00.0218 2904 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:16:00.0218 2904 Sfloppy - ok
11:16:00.0218 2904 Simbad - ok
11:16:00.0265 2904 SLIP (1ffc44d6787ec1ea9a2b1440a90fa5c1) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:16:00.0265 2904 SLIP - ok
11:16:00.0312 2904 soqwx32 - ok
11:16:00.0312 2904 Sparrow - ok
11:16:00.0359 2904 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:16:00.0359 2904 splitter - ok
11:16:00.0406 2904 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\WINDOWS\system32\Drivers\sptd.sys
11:16:00.0406 2904 sptd - ok
11:16:00.0453 2904 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
11:16:00.0453 2904 sr - ok
11:16:00.0593 2904 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:16:00.0593 2904 Srv - ok
11:16:00.0625 2904 streamip (a9f9fd0212e572b84edb9eb661f6bc04) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:16:00.0625 2904 streamip - ok
11:16:00.0718 2904 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:16:00.0718 2904 swenum - ok
11:16:00.0750 2904 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:16:00.0750 2904 swmidi - ok
11:16:00.0765 2904 symc810 - ok
11:16:00.0781 2904 symc8xx - ok
11:16:00.0781 2904 sym_hi - ok
11:16:00.0796 2904 sym_u3 - ok
11:16:00.0828 2904 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:16:00.0843 2904 sysaudio - ok
11:16:00.0875 2904 tap0901 (11d34fc869f5bda29949fe3858380894) C:\WINDOWS\system32\DRIVERS\tap0901.sys
11:16:00.0875 2904 tap0901 - ok
11:16:00.0906 2904 Tcpip (d24ea301e2b36c4e975fd216ca85d8e7) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:16:00.0921 2904 Tcpip - ok
11:16:00.0953 2904 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:16:00.0953 2904 TDPIPE - ok
11:16:01.0062 2904 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:16:01.0062 2904 TDTCP - ok
11:16:01.0078 2904 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:16:01.0093 2904 TermDD - ok
11:16:01.0109 2904 TosIde - ok
11:16:01.0156 2904 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:16:01.0156 2904 Udfs - ok
11:16:01.0171 2904 ultra - ok
11:16:01.0203 2904 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:16:01.0218 2904 Update - ok
11:16:01.0265 2904 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:16:01.0265 2904 usbaudio - ok
11:16:01.0296 2904 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:16:01.0296 2904 usbccgp - ok
11:16:01.0343 2904 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:16:01.0343 2904 usbehci - ok
11:16:01.0421 2904 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:16:01.0421 2904 usbhub - ok
11:16:01.0421 2904 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:16:01.0421 2904 usbohci - ok
11:16:01.0453 2904 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:16:01.0453 2904 usbprint - ok
11:16:01.0500 2904 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:16:01.0500 2904 usbstor - ok
11:16:01.0562 2904 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
11:16:01.0562 2904 usbvideo - ok
11:16:01.0609 2904 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:16:01.0609 2904 VgaSave - ok
11:16:01.0625 2904 ViaIde - ok
11:16:01.0687 2904 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
11:16:01.0687 2904 VolSnap - ok
11:16:01.0703 2904 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:16:01.0703 2904 Wanarp - ok
11:16:01.0765 2904 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:16:01.0765 2904 Wdf01000 - ok
11:16:01.0843 2904 WDICA - ok
11:16:01.0906 2904 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:16:01.0906 2904 wdmaud - ok
11:16:01.0984 2904 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
11:16:01.0984 2904 WpdUsb - ok
11:16:02.0046 2904 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:16:02.0046 2904 WS2IFSL - ok
11:16:02.0062 2904 WSTCODEC (233cdd1c06942115802eb7ce6669e099) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:16:02.0062 2904 WSTCODEC - ok
11:16:02.0125 2904 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:16:02.0125 2904 WudfPf - ok
11:16:02.0140 2904 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:16:02.0140 2904 WudfRd - ok
11:16:02.0187 2904 MBR (0x1B8) (1f753b395539269a3484aecd505b79bd) \Device\Harddisk0\DR0
11:16:02.0218 2904 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:16:02.0218 2904 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
11:16:02.0234 2904 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:16:02.0234 2904 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:16:02.0234 2904 MBR (0x1B8) (2739231f64f4679778263fda4d653b2a) \Device\Harddisk1\DR2
11:16:11.0875 2904 \Device\Harddisk1\DR2 - ok
11:16:11.0906 2904 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR3
11:16:12.0015 2904 \Device\Harddisk2\DR3 - ok
11:16:12.0015 2904 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR4
11:16:12.0359 2904 \Device\Harddisk3\DR4 - ok
11:16:12.0359 2904 Boot (0x1200) (9444f64a1f639dfd6f0bf13101094021) \Device\Harddisk0\DR0\Partition0
11:16:12.0359 2904 \Device\Harddisk0\DR0\Partition0 - ok
11:16:12.0375 2904 Boot (0x1200) (61a809829567957e30f45bab9c39fd85) \Device\Harddisk2\DR3\Partition0
11:16:12.0375 2904 \Device\Harddisk2\DR3\Partition0 - ok
11:16:12.0390 2904 Boot (0x1200) (43fae830cb65bc31afe581749a230101) \Device\Harddisk3\DR4\Partition0
11:16:12.0390 2904 \Device\Harddisk3\DR4\Partition0 - ok
11:16:12.0390 2904 ============================================================
11:16:12.0390 2904 Scan finished
11:16:12.0390 2904 ============================================================
11:16:12.0406 2248 Detected object count: 2
11:16:12.0406 2248 Actual detected object count: 2
11:16:59.0828 2248 \Device\Harddisk0\DR0\# - copied to quarantine
11:16:59.0828 2248 \Device\Harddisk0\DR0 - copied to quarantine
11:17:00.0125 2248 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
11:17:00.0171 2248 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
11:17:00.0187 2248 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
11:17:00.0218 2248 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:17:00.0218 2248 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:17:00.0250 2248 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
11:17:00.0437 2248 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
11:17:00.0437 2248 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
11:17:00.0437 2248 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
11:17:00.0468 2248 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
11:17:00.0500 2248 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
11:17:00.0500 2248 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
11:17:00.0625 2248 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
11:17:00.0625 2248 \Device\Harddisk0\DR0 - ok
11:17:06.0171 2248 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
11:17:06.0234 2248 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
11:17:06.0281 2248 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
11:17:06.0281 2248 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
11:17:06.0312 2248 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:17:06.0312 2248 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:17:06.0375 2248 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
11:17:06.0453 2248 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
11:17:06.0484 2248 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
11:17:06.0484 2248 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
11:17:06.0515 2248 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
11:17:06.0515 2248 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
11:17:06.0531 2248 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
11:17:06.0531 2248 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
11:17:54.0140 2476 Deinitialize success


GMER:


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-02-12 11:33:57
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000080 Hitachi_HDP725032GLA360 rev.GM3OA52A
Running: imtgiucr.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pfaiqpow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xAAB66BDA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xAAB66A45]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xAB4497A2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----



And now...Avast!


Which is now not letting me open the file. Gotta love DAT. :)



Again...Thank you for your help!

D

#4 narenxp

Posted 13 February 2012 - 12:33 AM

Launch TDSSkiller once again and click on SCAN, then post the new log.

RESTART THE PC

Try to run aswmbr now. You can also try to run it in safe mode.

Download

ESET online scanner

Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.


Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 Mr Darkwater

Posted 15 February 2012 - 03:25 AM

TDSSKiller:

22:21:53.0771 1300 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
22:21:54.0459 1300 ============================================================
22:21:54.0459 1300 Current date / time: 2012/02/14 22:21:54.0459
22:21:54.0459 1300 SystemInfo:
22:21:54.0459 1300
22:21:54.0459 1300 OS Version: 5.1.2600 ServicePack: 3.0
22:21:54.0459 1300 Product type: Workstation
22:21:54.0459 1300 ComputerName: PAST-594BFF0499
22:21:54.0459 1300 UserName: Administrator
22:21:54.0459 1300 Windows directory: C:\WINDOWS
22:21:54.0459 1300 System windows directory: C:\WINDOWS
22:21:54.0459 1300 Processor architecture: Intel x86
22:21:54.0459 1300 Number of processors: 2
22:21:54.0459 1300 Page size: 0x1000
22:21:54.0459 1300 Boot type: Normal boot
22:21:54.0459 1300 ============================================================
22:21:55.0005 1300 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:21:55.0005 1300 Drive \Device\Harddisk1\DR2 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:21:55.0037 1300 Drive \Device\Harddisk2\DR3 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:21:55.0224 1300 Drive \Device\Harddisk8\DR16 - Size: 0x1DEFFFE00 (7.48 Gb), SectorSize: 0x200, Cylinders: 0x3D1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:21:55.0224 1300 \Device\Harddisk0\DR0:
22:21:55.0224 1300 MBR used
22:21:55.0224 1300 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
22:21:55.0224 1300 \Device\Harddisk1\DR2:
22:21:55.0224 1300 MBR used
22:21:55.0224 1300 \Device\Harddisk1\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E074C1
22:21:55.0224 1300 \Device\Harddisk2\DR3:
22:21:55.0271 1300 MBR used
22:21:55.0271 1300 \Device\Harddisk2\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
22:21:55.0271 1300 \Device\Harddisk8\DR16:
22:21:55.0271 1300 MBR used
22:21:55.0365 1300 Initialize success
22:21:55.0365 1300 ============================================================
22:21:56.0974 0284 ============================================================
22:21:56.0974 0284 Scan started
22:21:56.0974 0284 Mode: Manual;
22:21:56.0974 0284 ============================================================
22:22:03.0646 0284 Msfs - ok
22:22:03.0662 0284 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:22:03.0662 0284 MSKSSRV - ok
22:22:03.0693 0284 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:22:03.0693 0284 MSPCLOCK - ok
22:22:03.0724 0284 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:22:03.0724 0284 MSPQM - ok
22:22:03.0755 0284 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:22:03.0771 0284 mssmbios - ok
22:22:03.0990 0284 MSTEE (d5059366b361f0e1124753447af08aa2) C:\WINDOWS\system32\drivers\MSTEE.sys
22:22:04.0005 0284 MSTEE - ok
22:22:04.0099 0284 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
22:22:04.0115 0284 MTsensor - ok
22:22:04.0209 0284 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:22:04.0224 0284 Mup - ok
22:22:04.0224 0284 NABTSFEC (ac31b352ce5e92704056d409834beb74) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:22:04.0240 0284 NABTSFEC - ok
22:22:04.0334 0284 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:22:04.0334 0284 NDIS - ok
22:22:04.0365 0284 NdisIP (abd7629cf2796250f315c1dd0b6cf7a0) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:22:04.0365 0284 NdisIP - ok
22:22:04.0443 0284 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:22:04.0443 0284 NdisTapi - ok
22:22:04.0459 0284 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:22:04.0459 0284 Ndisuio - ok
22:22:04.0490 0284 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:22:04.0490 0284 NdisWan - ok
22:22:04.0537 0284 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:22:04.0537 0284 NDProxy - ok
22:22:04.0537 0284 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:22:04.0537 0284 NetBIOS - ok
22:22:04.0584 0284 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:22:04.0584 0284 NetBT - ok
22:22:04.0646 0284 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:22:04.0662 0284 NIC1394 - ok
22:22:04.0677 0284 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:22:04.0677 0284 Npfs - ok
22:22:04.0693 0284 npkcrypt - ok
22:22:04.0709 0284 npkcusb - ok
22:22:04.0802 0284 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
22:22:04.0802 0284 NPPTNT2 - ok
22:22:04.0849 0284 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:22:04.0865 0284 Ntfs - ok
22:22:04.0927 0284 nvata (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys
22:22:04.0927 0284 nvata - ok
22:22:04.0927 0284 NVENETFD (b9333604527e02cd2223f200c0bae7e0) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
22:22:04.0927 0284 NVENETFD - ok
22:22:04.0943 0284 nvnetbus (5e9e55f7ee644c7c5fd78a206fbe37ab) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
22:22:04.0943 0284 nvnetbus - ok
22:22:04.0990 0284 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:22:04.0990 0284 NwlnkFlt - ok
22:22:05.0005 0284 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:22:05.0005 0284 NwlnkFwd - ok
22:22:05.0037 0284 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:22:05.0037 0284 ohci1394 - ok
22:22:05.0084 0284 ossrv (3649eefa90990249267dd6c7808cbc86) C:\WINDOWS\system32\drivers\ctoss2k.sys
22:22:05.0099 0284 ossrv - ok
22:22:05.0177 0284 P17 (df886ffed69aead0cf608b89b18c3f6f) C:\WINDOWS\system32\drivers\P17.sys
22:22:05.0193 0284 P17 - ok
22:22:05.0302 0284 P17xfi (06902b5f2a17dddf1282ff402b5bd51b) C:\WINDOWS\system32\drivers\P17xfi.sys
22:22:05.0318 0284 P17xfi - ok
22:22:05.0396 0284 p17xfilt (a782e03a3b54c13fa7c29d33e1c9a044) C:\WINDOWS\system32\drivers\p17xfilt.sys
22:22:05.0427 0284 p17xfilt - ok
22:22:05.0459 0284 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:22:05.0459 0284 Parport - ok
22:22:05.0521 0284 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:22:05.0521 0284 PartMgr - ok
22:22:05.0568 0284 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:22:05.0584 0284 ParVdm - ok
22:22:05.0599 0284 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:22:05.0615 0284 PCI - ok
22:22:05.0615 0284 PCIDump - ok
22:22:05.0646 0284 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:22:05.0662 0284 PCIIde - ok
22:22:05.0787 0284 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:22:05.0787 0284 Pcmcia - ok
22:22:05.0818 0284 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
22:22:05.0818 0284 pcouffin - ok
22:22:05.0834 0284 PDCOMP - ok
22:22:05.0834 0284 PDFRAME - ok
22:22:05.0849 0284 PDRELI - ok
22:22:05.0865 0284 PDRFRAME - ok
22:22:05.0865 0284 perc2 - ok
22:22:05.0880 0284 perc2hib - ok
22:22:05.0959 0284 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:22:05.0959 0284 PptpMiniport - ok
22:22:05.0974 0284 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:22:05.0974 0284 PSched - ok
22:22:05.0990 0284 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:22:05.0990 0284 Ptilink - ok
22:22:06.0021 0284 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:22:06.0021 0284 PxHelp20 - ok
22:22:06.0021 0284 ql1080 - ok
22:22:06.0037 0284 Ql10wnt - ok
22:22:06.0037 0284 ql12160 - ok
22:22:06.0052 0284 ql1240 - ok
22:22:06.0068 0284 ql1280 - ok
22:22:06.0099 0284 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:22:06.0099 0284 RasAcd - ok
22:22:06.0146 0284 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:22:06.0146 0284 Rasl2tp - ok
22:22:06.0162 0284 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:22:06.0162 0284 RasPppoe - ok
22:22:06.0177 0284 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:22:06.0177 0284 Raspti - ok
22:22:06.0224 0284 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:22:06.0240 0284 Rdbss - ok
22:22:06.0380 0284 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:22:06.0396 0284 RDPCDD - ok
22:22:06.0537 0284 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:22:06.0552 0284 rdpdr - ok
22:22:06.0677 0284 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:22:06.0677 0284 RDPWD - ok
22:22:06.0849 0284 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:22:06.0849 0284 redbook - ok
22:22:06.0974 0284 SASDIFSV (bfbc4be8d6ac6d33ad93f3f5f2e11499) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:22:06.0974 0284 SASDIFSV - ok
22:22:07.0021 0284 SASENUM (e9c2d75c748c3f0a4c34d6cf2ae1d754) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
22:22:07.0021 0284 SASENUM - ok
22:22:07.0037 0284 SASKUTIL (c7d81c10d3befeee41f3408714637438) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
22:22:07.0037 0284 SASKUTIL - ok
22:22:07.0052 0284 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:22:07.0052 0284 Secdrv - ok
22:22:07.0099 0284 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:22:07.0099 0284 serenum - ok
22:22:07.0130 0284 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:22:07.0130 0284 Sfloppy - ok
22:22:07.0146 0284 Simbad - ok
22:22:07.0193 0284 SLIP (1ffc44d6787ec1ea9a2b1440a90fa5c1) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:22:07.0193 0284 SLIP - ok
22:22:07.0302 0284 soqwx32 - ok
22:22:07.0302 0284 Sparrow - ok
22:22:07.0365 0284 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:22:07.0365 0284 splitter - ok
22:22:07.0412 0284 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\WINDOWS\system32\Drivers\sptd.sys
22:22:07.0427 0284 sptd - ok
22:22:07.0474 0284 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:22:07.0474 0284 sr - ok
22:22:07.0505 0284 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:22:07.0521 0284 Srv - ok
22:22:07.0537 0284 streamip (a9f9fd0212e572b84edb9eb661f6bc04) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:22:07.0552 0284 streamip - ok
22:22:07.0584 0284 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:22:07.0584 0284 swenum - ok
22:22:07.0615 0284 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:22:07.0615 0284 swmidi - ok
22:22:07.0630 0284 symc810 - ok
22:22:07.0646 0284 symc8xx - ok
22:22:07.0646 0284 sym_hi - ok
22:22:07.0662 0284 sym_u3 - ok
22:22:07.0677 0284 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:22:07.0677 0284 sysaudio - ok
22:22:07.0818 0284 tap0901 (11d34fc869f5bda29949fe3858380894) C:\WINDOWS\system32\DRIVERS\tap0901.sys
22:22:07.0818 0284 tap0901 - ok
22:22:07.0865 0284 Tcpip (d24ea301e2b36c4e975fd216ca85d8e7) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:22:07.0865 0284 Tcpip - ok
22:22:07.0912 0284 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:22:07.0912 0284 TDPIPE - ok
22:22:07.0927 0284 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:22:07.0927 0284 TDTCP - ok
22:22:07.0943 0284 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:22:07.0959 0284 TermDD - ok
22:22:07.0974 0284 TosIde - ok
22:22:08.0021 0284 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:22:08.0021 0284 Udfs - ok
22:22:08.0021 0284 ultra - ok
22:22:08.0052 0284 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:22:08.0068 0284 Update - ok
22:22:08.0115 0284 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:22:08.0115 0284 usbaudio - ok
22:22:08.0209 0284 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:22:08.0224 0284 usbccgp - ok
22:22:08.0271 0284 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:22:08.0271 0284 usbehci - ok
22:22:08.0302 0284 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:22:08.0302 0284 usbhub - ok
22:22:08.0302 0284 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:22:08.0302 0284 usbohci - ok
22:22:08.0334 0284 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:22:08.0334 0284 usbprint - ok
22:22:08.0349 0284 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:22:08.0349 0284 usbstor - ok
22:22:08.0396 0284 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:22:08.0396 0284 usbvideo - ok
22:22:08.0427 0284 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:22:08.0427 0284 VgaSave - ok
22:22:08.0427 0284 ViaIde - ok
22:22:08.0490 0284 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:22:08.0490 0284 VolSnap - ok
22:22:08.0505 0284 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:22:08.0505 0284 Wanarp - ok
22:22:08.0552 0284 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
22:22:08.0568 0284 Wdf01000 - ok
22:22:08.0662 0284 WDICA - ok
22:22:08.0740 0284 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:22:08.0755 0284 wdmaud - ok
22:22:08.0849 0284 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
22:22:08.0849 0284 WpdUsb - ok
22:22:08.0959 0284 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:22:08.0974 0284 WS2IFSL - ok
22:22:09.0037 0284 WSTCODEC (233cdd1c06942115802eb7ce6669e099) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:22:09.0037 0284 WSTCODEC - ok
22:22:09.0068 0284 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:22:09.0084 0284 WudfPf - ok
22:22:09.0099 0284 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:22:09.0099 0284 WudfRd - ok
22:22:09.0146 0284 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:22:09.0271 0284 \Device\Harddisk0\DR0 - ok
22:22:09.0287 0284 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
22:22:09.0287 0284 \Device\Harddisk1\DR2 - ok
22:22:09.0443 0284 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR3
22:22:09.0443 0284 \Device\Harddisk2\DR3 - ok
22:22:09.0443 0284 MBR (0x1B8) (2739231f64f4679778263fda4d653b2a) \Device\Harddisk8\DR16
22:22:10.0990 0284 \Device\Harddisk8\DR16 - ok
22:22:10.0990 0284 Boot (0x1200) (9444f64a1f639dfd6f0bf13101094021) \Device\Harddisk0\DR0\Partition0
22:22:10.0990 0284 \Device\Harddisk0\DR0\Partition0 - ok
22:22:11.0037 0284 Boot (0x1200) (61a809829567957e30f45bab9c39fd85) \Device\Harddisk1\DR2\Partition0
22:22:11.0037 0284 \Device\Harddisk1\DR2\Partition0 - ok
22:22:11.0037 0284 Boot (0x1200) (43fae830cb65bc31afe581749a230101) \Device\Harddisk2\DR3\Partition0
22:22:11.0037 0284 \Device\Harddisk2\DR3\Partition0 - ok
22:22:11.0037 0284 ============================================================
22:22:11.0037 0284 Scan finished
22:22:11.0037 0284 ============================================================
22:22:11.0052 1824 Detected object count: 0
22:22:11.0052 1824 Actual detected object count: 0

ESET:

C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\mbr0000\tdlfs0000\tsk0003.dta a variant of Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.JG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\tdlfs0000\tsk0001.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\tdlfs0000\tsk0003.dta a variant of Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.JG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\tdlfs0000\tsk0010.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\12.02.2012_11.15.41\tdlfs0000\tsk0011.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined

(Should I delete these?)

Minitoolbox:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Administrator (administrator) on 14-02-2012 at 22:19:03
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Connected)
TAP-Win32 Adapter V9 = Local Area Connection 4 (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection 4"

set address name="Local Area Connection 4" source=dhcp
set dns name="Local Area Connection 4" source=dhcp register=PRIMARY
set wins name="Local Area Connection 4" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : past-594bff0499

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : NVIDIA nForce Networking Controller

Physical Address. . . . . . . . . : 00-1D-60-1B-B6-5C

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.8

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Tuesday, February 14, 2012 7:22:26 PM

Lease Expires . . . . . . . . . . : Wednesday, February 15, 2012 7:22:26 PM



Ethernet adapter Local Area Connection 4:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : TAP-Win32 Adapter V9

Physical Address. . . . . . . . . : 00-FF-A4-EE-0A-99

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.224.201, 74.125.224.202, 74.125.224.203, 74.125.224.204
74.125.224.205, 74.125.224.206, 74.125.224.207, 74.125.224.192, 74.125.224.193
74.125.224.194, 74.125.224.195, 74.125.224.196, 74.125.224.197, 74.125.224.198
74.125.224.199, 74.125.224.200



Pinging google.com [74.125.224.200] with 32 bytes of data:



Reply from 74.125.224.200: bytes=32 time=69ms TTL=53

Reply from 74.125.224.200: bytes=32 time=140ms TTL=52



Ping statistics for 74.125.224.200:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 69ms, Maximum = 140ms, Average = 104ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70, 98.139.127.62, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=331ms TTL=44

Reply from 98.139.183.24: bytes=32 time=230ms TTL=45



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 230ms, Maximum = 331ms, Average = 280ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 60 1b b6 5c ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
0x3 ...00 ff a4 ee 0a 99 ...... TAP-Win32 Adapter V9 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.8 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.8 192.168.1.8 20
192.168.1.0 255.255.255.0 192.168.1.8 192.168.1.8 20
192.168.1.8 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.8 192.168.1.8 20
224.0.0.0 240.0.0.0 192.168.1.8 192.168.1.8 20
255.255.255.255 255.255.255.255 192.168.1.8 192.168.1.8 1
255.255.255.255 255.255.255.255 192.168.1.8 3 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/04/2012 03:26:52 PM) (Source: MsiInstaller) (User: Administrator)Administrator
Description: Product: Replay Media Catcher 4 -- Error 1706. An installation package for the product Replay Media Catcher 4 cannot be found. Try the installation again using a valid copy of the installation package 'RMC.Setup.msi'.

Error: (01/17/2012 09:14:08 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/07/2012 09:31:33 AM) (Source: Application Error) (User: )
Description: Faulting application mipony.exe, version 1.5.1.0, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [mipony.exe!ws!]

Error: (01/05/2012 06:07:43 PM) (Source: Application Error) (User: )
Description: Faulting application winamp.exe, version 5.5.6.2512, faulting module winamp.exe, version 5.5.6.2512, fault address 0x0003dd2e.
Processing media-specific event for [winamp.exe!ws!]

Error: (01/05/2012 04:25:13 PM) (Source: Application Error) (User: )
Description: Faulting application winamp.exe, version 5.5.6.2512, faulting module winamp.exe, version 5.5.6.2512, fault address 0x0003dd2e.
Processing media-specific event for [winamp.exe!ws!]

Error: (12/25/2011 06:21:34 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (12/25/2011 02:49:02 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (12/25/2011 03:22:09 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (12/23/2011 11:23:13 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (12/23/2011 10:53:22 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)


System errors:
=============
Error: (02/14/2012 07:23:31 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/14/2012 07:23:31 PM) (Source: Service Control Manager) (User: )
Description: The npkcrypt service failed to start due to the following error:
%%3

Error: (02/14/2012 07:23:31 PM) (Source: Service Control Manager) (User: )
Description: The LBeepKE service failed to start due to the following error:
%%31

Error: (02/14/2012 07:23:31 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Workstation service which failed to start because of the following error:
%%1066

Error: (02/14/2012 07:23:31 PM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (02/14/2012 07:23:31 PM) (Source: Service Control Manager) (User: )
Description: The Workstation service terminated with service-specific error 2250 (0x8CA).

Error: (02/14/2012 07:22:56 PM) (Source: Workstation) (User: )
Description: Could not load RDR device driver.

Error: (02/14/2012 07:22:24 PM) (Source: 0) (User: )
Description:

Error: (02/13/2012 03:39:10 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/13/2012 03:39:10 AM) (Source: Service Control Manager) (User: )
Description: The npkcrypt service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (02/04/2012 03:26:52 PM) (Source: MsiInstaller)(User: Administrator)Administrator
Description: Product: Replay Media Catcher 4 -- Error 1706. An installation package for the product Replay Media Catcher 4 cannot be found. Try the installation again using a valid copy of the installation package 'RMC.Setup.msi'.(NULL)(NULL)(NULL)

Error: (01/17/2012 09:14:08 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (01/07/2012 09:31:33 AM) (Source: Application Error)(User: )
Description: mipony.exe1.5.1.00.0.0.000000000

Error: (01/05/2012 06:07:43 PM) (Source: Application Error)(User: )
Description: winamp.exe5.5.6.2512winamp.exe5.5.6.25120003dd2e

Error: (01/05/2012 04:25:13 PM) (Source: Application Error)(User: )
Description: winamp.exe5.5.6.2512winamp.exe5.5.6.25120003dd2e

Error: (12/25/2011 06:21:34 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (12/25/2011 02:49:02 PM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (12/25/2011 03:22:09 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (12/23/2011 11:23:13 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)

Error: (12/23/2011 10:53:22 AM) (Source: JavaQuickStarterService)(User: )
Description: Unable to create JQS API server: socket() failed (Socket error 10050)


=========================== Installed Programs ============================

??????.??? 5.2 ??? Internet Explorer (Version: 5.2.2.1310)
µTorrent (Version: 2.2.1)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.1.0.5790)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0.1)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Flash Player 10 Plugin (Version: 10.3.181.34)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader 9 (Version: 9.0.0)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 6 FREE v.6.80 (Version: 6.8.0)
ATI - Software Uninstall Utility (Version: 6.14.10.1020)
ATI AVIVO Codecs (Version: 9.15.0.20713)
ATI Catalyst Control Center (Version: 2.008.0225.2152)
ATI Display Driver (Version: 8.471-080225a1-059748C-ATI)
ATI HYDRAVISION (Version: 3.25.0006)
ATI Parental Control & Encoder (Version: 3.0)
ATI Problem Report Wizard (Version: 8.10)
Auslogics Disk Defrag (Version: version 3.1)
avast! Free Antivirus (Version: 6.0.1367.0)
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
CameraHelperMsi (Version: 13.10.1217.0)
Catalyst Control Center Core Implementation (Version: 2008.0225.2153.39091)
Catalyst Control Center Graphics Full Existing (Version: 2008.0225.2153.39091)
Catalyst Control Center Graphics Full New (Version: 2008.0225.2153.39091)
Catalyst Control Center Graphics Light (Version: 2008.0225.2153.39091)
Catalyst Control Center Graphics Previews Common (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Chinese Standard (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Czech (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Danish (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Dutch (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Finnish (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization French (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization German (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Greek (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Hungarian (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Italian (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Japanese (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Korean (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Norwegian (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Polish (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Portuguese (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Russian (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Spanish (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Swedish (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Thai (Version: 2008.0225.2153.39091)
Catalyst Control Center Localization Turkish (Version: 2008.0225.2153.39091)
ccc-core-preinstall (Version: 2008.0225.2153.39091)
ccc-core-static (Version: 2008.0225.2153.39091)
ccc-utility (Version: 2008.0225.2153.39091)
CCC Help Chinese Standard (Version: 2008.0225.2152.39091)
CCC Help Chinese Traditional (Version: 2008.0225.2152.39091)
CCC Help Czech (Version: 2008.0225.2152.39091)
CCC Help Danish (Version: 2008.0225.2152.39091)
CCC Help Dutch (Version: 2008.0225.2152.39091)
CCC Help English (Version: 2008.0225.2152.39091)
CCC Help Finnish (Version: 2008.0225.2152.39091)
CCC Help French (Version: 2008.0225.2152.39091)
CCC Help German (Version: 2008.0225.2152.39091)
CCC Help Greek (Version: 2008.0225.2152.39091)
CCC Help Hungarian (Version: 2008.0225.2152.39091)
CCC Help Italian (Version: 2008.0225.2152.39091)
CCC Help Japanese (Version: 2008.0225.2152.39091)
CCC Help Korean (Version: 2008.0225.2152.39091)
CCC Help Norwegian (Version: 2008.0225.2152.39091)
CCC Help Polish (Version: 2008.0225.2152.39091)
CCC Help Portuguese (Version: 2008.0225.2152.39091)
CCC Help Russian (Version: 2008.0225.2152.39091)
CCC Help Spanish (Version: 2008.0225.2152.39091)
CCC Help Swedish (Version: 2008.0225.2152.39091)
CCC Help Thai (Version: 2008.0225.2152.39091)
CCC Help Turkish (Version: 2008.0225.2152.39091)
CCleaner (Version: 3.14)
CDDRV_Installer (Version: 4.60)
Company of Heroes - FAKEMSI (Version: 2.0.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Creative Audio Console
Creative MediaSource 5 (Version: 5.26)
Creative Software AutoUpdate
Creative System Information
Creative WaveStudio 7 (Version: 7.12)
DigitImg (Version: 2.00.0000)
Dropbox (Version: 1.1.35)
DropBox (Version: 6.5.0.0)
dupeGuru Music Edition (Version: 5.10.2)
Easy CD-DA Extractor 2011 (Version: 2011)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
GEAR 32bit Driver Installer (Version: 2.005.1)
HMA! Pro VPN 2.6.9 (Version: 2.6.9)
HP Software Update (Version: 2.0.37.20031205)
ImagXpress (Version: 7.0.74.0)
IsoBuster 2.7 (Version: 2.7)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Java™ 6 Update 6 (Version: 1.6.0.60)
Java™ 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 14.0.8089.726)
KhalInstallWrapper (Version: 4.72.40)
Logitech SetPoint (Version: 4.72)
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.10.1216.0)
LWS Gallery (Version: 13.10.1216.0)
LWS Help_main (Version: 13.10.1224.0)
LWS Launcher (Version: 13.10.1224.0)
LWS Motion Detection (Version: 13.10.1218.0)
LWS Pictures And Video (Version: 13.10.1218.0)
LWS Twitter (Version: 13.00.1216.0)
LWS Video Mask Maker (Version: 13.10.1216.0)
LWS VideoEffects (Version: 13.00.1774.0)
LWS Webcam Software (Version: 13.00.1774.0)
LWS WLM Plugin (Version: 1.10.1222.0)
LWS YouTube Plugin (Version: 13.10.1216.0)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE (Version: 2.0.687.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.0.19.0)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (Version: 8.00.761)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.70.1104.04)
MiPony 1.5.1 (Version: 1.5.1)
MixMeister Fusion 7.3.5
MIXVIBES - U46MK2 Audio Driver
Mozilla Firefox 10.0.1 (x86 en-US) (Version: 10.0.1)
MPEG2 Codec(libmpeg2/mad)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
MyAshampoo Toolbar (Version: 6.8.5.1)
neroxml (Version: 1.0.0)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
overland (Version: 2.1.5)
Oxelon Media Converter 1.1
PDF Settings (Version: 1.0)
Platinum Notes 2.0 (Version: 2.0)
PS7900 (Version: 1.01.0000)
PSShortcuts (Version: 1.01.0000)
PSUsage (Version: 1.30.0000)
QFolder (Version: 1.00.0000)
QuickTime (Version: 7.70.80.34)
Realtek High Definition Audio Driver
Replay Media Catcher 4 (Version: 4.2.1)
Segoe UI (Version: 14.0.4327.805)
ShowXpress
Skins (Version: 2008.0225.2153.39091)
Skype™ 5.5 (Version: 5.5.124)
Sony Media Manager 2.0 (Version: 2.0.40)
SoulSeek 157 NS 13e
Sound Blaster X-Fi Xtreme Audio (Version: 1.0)
Sound Forge Pro 10.0 (Version: 10.0.368)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware Free Edition (Version: 4.26.0.1000)
SureThing CD Labeler Deluxe 4
Ubisoft Game Launcher (Version: 1.0.0.0)
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
VCRedistSetup (Version: 1.0.0)
VLC media player 1.1.11 (Version: 1.1.11)
Voxware Audio decoder 1.6 (Version: 1.6.0)
Vyzex MPD26 (Version: Vyzex MPD26 v1.00)
Ward180
Warhammer 40,000: Dawn of War - Soulstorm (Version: 1.0)
Warhammer 40,000: Dawn of War II
WebFldrs XP (Version: 9.50.7523)
Winamp (Version: 5.56 )
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows Presentation Foundation (Version: 3.0.6920.0)
WinRAR archiver
Wise Disk Cleaner 5.93
Wise PC Engineer 6.3.8
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 3582.48 MB
Available physical RAM: 2731.27 MB
Total Pagefile: 5464.29 MB
Available Pagefile: 4836.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.62 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.08 GB) (Free:133 GB) NTFS
4 Drive f: (IOMEGA HDD) (Fixed) (Total:111.79 GB) (Free:22.49 GB) NTFS
10 Drive l: (POWER 2) (Fixed) (Total:1863.01 GB) (Free:1548.7 GB) NTFS
11 Drive n: (MECCA) (Removable) (Total:7.47 GB) (Free:3.94 GB) FAT32

========================= Users: ========================================

**** End of log ****

#6 narenxp

Posted 15 February 2012 - 09:52 AM

Can you run aswMBR now?

#7 Mr Darkwater

Posted 15 February 2012 - 11:35 PM

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-15 12:01:05
-----------------------------
12:01:05.046 OS Version: Windows 5.1.2600 Service Pack 3
12:01:05.046 Number of processors: 2 586 0x1706
12:01:05.046 ComputerName: PAST-594BFF0499 UserName: Administrator
12:01:05.640 Initialize success
12:01:05.687 AVAST engine defs: 12021501
12:01:14.390 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000080
12:01:14.390 Disk 0 Vendor: Hitachi_HDP725032GLA360 GM3OA52A Size: 305245MB BusType: 3
12:01:14.406 Disk 0 MBR read successfully
12:01:14.406 Disk 0 MBR scan
12:01:14.406 Disk 0 Windows XP default MBR code
12:01:14.406 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305234 MB offset 63
12:01:14.406 Disk 0 scanning sectors +625121280
12:01:14.453 Disk 0 scanning C:\WINDOWS\system32\drivers
12:01:22.734 Service scanning
12:01:23.015 Service .afd \? **LOCKED** 123
12:01:23.015 Service .cdrom \? **LOCKED** 123
12:01:23.015 Service .mrxsmb \* **LOCKED** 123
12:01:23.015 Service .netbt \? **LOCKED** 123
12:01:23.031 Service .serial \? **LOCKED** 123
12:01:23.843 Modules scanning
12:01:30.015 Disk 0 trace - called modules:
12:01:30.046 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
12:01:30.046 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b205ab8]
12:01:30.062 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000081[0x8b23d9b8]
12:01:30.062 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\00000080[0x8b205030]
12:01:30.406 AVAST engine scan C:\WINDOWS
12:01:34.562 AVAST engine scan C:\WINDOWS\system32
12:03:44.312 AVAST engine scan C:\WINDOWS\system32\drivers
12:03:57.703 AVAST engine scan C:\Documents and Settings\Administrator
12:17:14.750 AVAST engine scan C:\Documents and Settings\All Users
12:19:26.218 Scan finished successfully
13:54:32.000 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
13:54:32.015 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"




Whatcha think boss?

#8 narenxp

Posted 16 February 2012 - 12:39 AM

You're still infected. We need advanced tools to make sure the PC is clean.

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#9 Mr Darkwater

Posted 17 February 2012 - 04:58 PM

Thanks for all your help narenxp!


Blessings!




Darkwater

#10 narenxp

Posted 17 February 2012 - 09:11 PM

You're most welcome :)



